﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Text;

public partial class Edituser : System.Web.UI.Page
{

	protected void Page_Load(object sender,EventArgs e)
	{
        if (Session["UserID"].ToString()==null)
		{
			Response.Write("<script>alert('你没有管理员权限，禁止访问！');history.back();</script>");
		}
		if (!Page.IsPostBack)
        {
            string id = Request.QueryString["userid"];
            HiddenID.Value = id;
            if (!string.IsNullOrEmpty(id))
            {
                DataSet ds = Socut.Data.ExecuteDataSet("select LoginName,isadmin from web_admin where id=" + id);
                LoginName.Text = ds.Tables[0].Rows[0][0].ToString();
				//string isadmin = ds.Tables[0].Rows[0][1].ToString();
				//this.isadmin.Items.FindByValue(isadmin).Selected=true;
				
				
            }
			else
			{
    			Response.Write("<script>alert('操作错误');history.back();</script>");
				
            }
			
        }
	}


	protected void UpdateBtn_Click(object sender,EventArgs e)
	{
		string Msg, Url;
        if (string.IsNullOrEmpty(HiddenID.Value))
        {
           Response.Write("<script>alert('操作错误');history.back();</script>");
        }
        else
        {
			string Opwd=FormsAuthentication.HashPasswordForStoringInConfigFile(this.OldPassword.Text, "md5");
			string Npwd=FormsAuthentication.HashPasswordForStoringInConfigFile(this.NewPassword.Text, "md5");
			if (!string.IsNullOrEmpty(this.NewPassword.Text) && !string.IsNullOrEmpty(this.OldPassword.Text))
			{
				Socut.Reader drp = new Socut.Reader("select * from web_admin where id=" + HiddenID.Value);
				drp.Read();			
				if (Opwd!=drp["pwd"].ToString())
				{
					Response.Write("<script>alert('原密码不正确');history.back();</script>");
				}
				else
				{
				Socut.Data.ExecuteNonQuery("update web_admin set LoginName='" + LoginName.Text + "',Pwd='" + Npwd + "' where id=" + HiddenID.Value);
				//Response.Write(LoginName.Text);
				//Response.End();
				Response.Write("<script>alert('修改成功');history.back();</script>");
				}
			}
			else
			{
				Response.Write("<script>alert('输入错误，请重新输入');history.back();</script>");
			}
        }
        
	}

	protected void ReturnBtn_Click(object sender,EventArgs e)
	{
		Response.Redirect("Manage.aspx");
	}
}
